Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-0061

    WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.... Read more

    Affected Products : www_file_share_pro
    • EPSS Score: %0.31
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0095

    McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %5.80
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0049

    Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port.... Read more

    • EPSS Score: %0.78
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0069

    Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function.... Read more

    Affected Products : windows_ftp_server
    • EPSS Score: %8.30
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0091

    NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. ... Read more

    Affected Products : vbulletin
    • EPSS Score: %0.43
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0060

    WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via a large POST request.... Read more

    Affected Products : www_file_share_pro
    • EPSS Score: %0.66
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0067

    Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7... Read more

    Affected Products : phpgedview
    • EPSS Score: %1.65
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1032

    Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of service (crash) via a malformed URL to the web server, possibly in... Read more

    Affected Products : pi3web
    • EPSS Score: %4.82
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0057

    The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used... Read more

    Affected Products : tcpdump
    • EPSS Score: %25.25
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0073

    PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that co... Read more

    Affected Products : easydynamicpages
    • EPSS Score: %5.38
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0988

    Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.... Read more

    Affected Products : linux kde
    • EPSS Score: %7.32
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1180

    Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).... Read more

    • EPSS Score: %0.76
    • Published: Feb. 16, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2082

    The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters.... Read more

    Affected Products : sami_ftp_server
    • EPSS Score: %5.88
    • Published: Feb. 13, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2088

    Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.... Read more

    Affected Products : sophos_anti-virus
    • EPSS Score: %5.69
    • Published: Feb. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1214

    Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions.... Read more

    Affected Products : ezcontents
    • EPSS Score: %0.42
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-2083

    Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."... Read more

    Affected Products : opera_browser
    • EPSS Score: %1.14
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2091

    Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.... Read more

    Affected Products : baseline_security_analyzer
    • EPSS Score: %14.43
    • Published: Feb. 10, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2093

    Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setu... Read more

    Affected Products : rsync
    • EPSS Score: %0.29
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2078

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffer overflow.... Read more

    Affected Products : red-alert
    • EPSS Score: %12.07
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2092

    eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.... Read more

    Affected Products : inoculateit
    • EPSS Score: %0.06
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291593 Results